Detections
Analytics

CVE-2023-45371

high

Description

An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging items.

References

https://phabricator.wikimedia.org/T345064

https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Wikibase/+/961264

Details

Source: Mitre, NVD

Published: 2023-10-09

Updated: 2023-10-12

Risk Information

CVSS v2

Base Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Severity: High

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: High